For instance there is a zip-like file in the Firefox distribution, omni.ja, which is a zip container with the central directory placed at the start of the file instead of after the local entries as required by the zip standard. This update now permits such containers to not raise a zip bomb alert, where in fact there are no overlaps.

For Debian 7 Wheezy, these problems have been fixed in version 6.0-8+deb7u8.

It was discovered that various procedures in Ghostscript, the GPLPostScript/PDF interpreter, do not properly restrict privileged calls,which could result in bypass of file system restrictions of the dSAFERsandbox.

For Debian 8 "Jessie", these problems have been fixed in version9.26a~dfsg-0+deb8u5.

We recommend that you upgrade your ghostscript packages.

Further information about Debian LTS security advisories, how to applythese updates to your system and frequently asked questions can befound at: https://wiki.debian.org/LTS